Spencer/vishnu
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

adding fork message

Browse Source
This commit is contained in:
Pin
2022-04-03 20:47:54 -04:00
parent e8379e0c66
commit 6d101ddd9c
1 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
README.md
View File

@@ -1,5 +1,7 @@
# Vishnu(The Hidden Backdoor)
Forked from: https://github.com/emmaunel/vishnu
###### RS{JOIN_REDTEAM}
Taken from the Trimurit, the triple deity of supreme divinity. Vishnu is known as "The Preserver". This program is a proof of concept code to test the idea of port-knocking in golang.
@@ -10,7 +12,7 @@ Most backdoors usually have port listening and they can be easily be found by do
## Technical Details
At the beginning of the file, there are some configurations that needs to be set. Like what interface you want to listen to and what type of filter you want.
With the use of [gopacket](https://github.com/google/gopacket) which is a wrapper around libpcap, the program is able to read every packets that comes through the specific network interface. With this PoC, it is looking for SYN packets(this can be changed to whatever), if it is not, the packets are ignored. If the packet is a SYN, it looks at the destination port.
With the use of [gopacket](https://github.com/google/gopacket) which is a wrapper around libpcap, the program is able to read every packets that comes through the specific network interface. With this PoC, it is looking for SYN packets(this can be changed to whatever), if it is not, the packets are ignored. If the packet is a SYN, it looks at the destination port.
In order for the hidden port to be open, the sequence of destination ports have to match what's in the array. For example, if the secret ports are `80, 81, 82, 83`, you have to send SYN packets in exactly that way. `81, 80, 83, 82` would not work.
@@ -25,7 +27,7 @@ There is one static value that is needed in order for this to work properly on L
- The string value being returned, found in `spec/spec_linux.go`, in the `GetAdapter()` function. It is set to return `"ens160"` by default. Modify this value as you see fit.
To compile, you need libpcap. On linux, you can install by running `sudo apt install libpcap-dev`.
To compile, you need libpcap. On linux, you can install by running `sudo apt install libpcap-dev`.
For the port opening, make sure you have `inetd` installed. If you are not sure, run `apt install openbsd-inetd`.
@@ -43,7 +45,7 @@ There are few other modifications that can be made in the targetInfo struct. Go
### Connectback Shell Info
You can optionally have the backdoor operate in connectback mode - where after successfully knocking a shell is sent back to the knocking IP on a predetermined port.
You can optionally have the backdoor operate in connectback mode - where after successfully knocking a shell is sent back to the knocking IP on a predetermined port.
Be careful doing this behind NAT as while knocking will work, the shell won't get back to you. You'll need to do port forwarding or listen for the shell on a public IP.